Submitted URL: http://tillit2.nordictrustee.com/
Effective URL: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-...
Submission: On December 29 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 27 HTTP transactions. The main IP is 20.190.152.21, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 29.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 17th 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 20.105.161.38 8075 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 20.190.152.21 8075 (MICROSOFT...)
10 2620:1ec:49::40 8075 (MICROSOFT...)
1 40.126.24.81 8075 (MICROSOFT...)
2 152.199.4.73 15133 (EDGECAST)
1 2603:1036:300... 8075 (MICROSOFT...)
27 8
Apex Domain
Subdomains
Transfer
10 msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2586
197 KB
7 nordictrustee.com
tillit2.nordictrustee.com
1 MB
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 29
107 KB
2 msauthimages.net
aadcdn.msauthimages.net — Cisco Umbrella Rank: 7597
42 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
2 KB
1 microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1604
1 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 62
27 8
Domain Requested by
10 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
7 tillit2.nordictrustee.com 1 redirects tillit2.nordictrustee.com
3 login.microsoftonline.com tillit2.nordictrustee.com
login.microsoftonline.com
aadcdn.msauth.net
2 aadcdn.msauthimages.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com tillit2.nordictrustee.com
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
27 8

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid
*.nordictrustee.com | Sectigo RSA Organization Validation Secure Server CA | 2022-01-18 - 2023-01-18 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2022-11-17 - 2023-11-17 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2022-08-23 - 2023-08-23 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2022-10-04 - 2023-10-04 | a year
aadcdn.msauthimages.net | Microsoft Azure TLS Issuing CA 02 | 2022-05-11 - 2023-05-06 | a year
autologon.microsoftazuread-sso.com | DigiCert SHA2 Secure Server CA | 2022-10-04 - 2023-10-04 | a year

This page contains 1 frame:

Primary Page: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
Frame ID: EF786034DE8DB91EB2B5AC4BFBB173A3
Requests: 27 HTTP requests in this frame

Page Title

Sign in to your account

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1593 kB
Transfer

5719 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tillit2.nordictrustee.com/ HTTP 301
    https://tillit2.nordictrustee.com/ Page URL
  2. https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158 Page URL
  3. https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tillit2.nordictrustee.com/ HTTP 301
  • https://tillit2.nordictrustee.com/

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tillit2.nordictrustee.com/
Redirect Chain
  • http://tillit2.nordictrustee.com/
  • https://tillit2.nordictrustee.com/
3 KB
2 KB
Document
General
Full URL
https://tillit2.nordictrustee.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.105.161.38 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c903d7418d85edda3f5f3c33533429c50d824ce2bd583e033186d7a7f5547f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Dec 2022 12:41:29 GMT
ETag
W/"b20-1855cf49538"
Last-Modified
Thu, 29 Dec 2022 08:16:51 GMT
Referrer-Policy
no-referrer
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
195
Content-Type
text/html
Date
Thu, 29 Dec 2022 12:41:29 GMT
Location
https://tillit2.nordictrustee.com/
Server
Microsoft-Azure-Application-Gateway/v2
css
fonts.googleapis.com/
11 KB
959 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500|Roboto+Condensed:300,700|Roboto+Slab:700&display=swap
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c723c606aaf145b6e99a5b0df1cd753f106f91f788b85430daffbe60ed2549bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Dec 2022 12:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 12:41:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Dec 2022 12:41:30 GMT
icon
fonts.googleapis.com/
569 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Dec 2022 12:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 12:41:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Dec 2022 12:41:30 GMT
env-config.js
tillit2.nordictrustee.com/
937 B
1 KB
Script
General
Full URL
https://tillit2.nordictrustee.com/env-config.js
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.105.161.38 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d83c6349b0264198ce57543c72e9dc25a68adda67ae742f3da87ef23be0b8279

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:41:30 GMT
Referrer-Policy
no-referrer
Connection
keep-alive
ETag
W/"3a9-smTIjkig96sjbi68xhArE4QY0o4"
Content-Length
937
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
2.bc2bca40.chunk.css
tillit2.nordictrustee.com/static/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://tillit2.nordictrustee.com/static/css/2.bc2bca40.chunk.css
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.105.161.38 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2866d656ef78299c127380f1ec24236557cbfe5ca2293135b11add38bdb008e7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:41:30 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Thu, 29 Dec 2022 08:16:51 GMT
ETag
W/"49a3-1855cf49538"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
main.3138c2ec.chunk.css
tillit2.nordictrustee.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://tillit2.nordictrustee.com/static/css/main.3138c2ec.chunk.css
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.105.161.38 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dcd4e14ef9e0d0b5e0d06e7a9f80bb1be5bd7db22dfcae9401c33be71cb93853

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:41:30 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Thu, 29 Dec 2022 08:16:51 GMT
ETag
W/"6ee-1855cf49538"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
2.3a44f6cb.chunk.js
tillit2.nordictrustee.com/static/js/
3 MB
797 KB
Script
General
Full URL
https://tillit2.nordictrustee.com/static/js/2.3a44f6cb.chunk.js
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.105.161.38 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
21a21312e6c42609505e6e14ffd78632b263b9dd7db63480b152cf3c2655ccbf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:41:30 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Thu, 29 Dec 2022 08:16:51 GMT
ETag
W/"2cace6-1855cf49538"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
main.c2c76620.chunk.js
tillit2.nordictrustee.com/static/js/
2 MB
410 KB
Script
General
Full URL
https://tillit2.nordictrustee.com/static/js/main.c2c76620.chunk.js
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.105.161.38 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
702153993fc08e13c4d72f79caf136fab632defb001c3eda3bfcb5cc2e5bae03

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:41:30 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Last-Modified
Thu, 29 Dec 2022 08:16:51 GMT
ETag
W/"1d5bfb-1855cf49538"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Roboto+Condensed:300,700|Roboto+Slab:700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tillit2.nordictrustee.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 21:25:03 GMT
x-content-type-options
nosniff
age
141389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 21:25:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Roboto+Condensed:300,700|Roboto+Slab:700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tillit2.nordictrustee.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 07:42:11 GMT
x-content-type-options
nosniff
age
190761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 07:42:11 GMT
authorize
login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/
151 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158
Requested by
Host: tillit2.nordictrustee.com
URL: https://tillit2.nordictrustee.com/static/js/2.3a44f6cb.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.152.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
54991
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Dec 2022 12:41:32 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14357.7 - WEULR2 ProdSlices
x-ms-request-id
c82ed728-87b0-46e9-83c6-25f65a975b00
Primary Request authorize
login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/
194 KB
51 KB
Document
General
Full URL
https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.152.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
22d395cb281a6ecc78e0babfe0d563d8cbe57e3cfd40485657049c19d0dd34f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
49908
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Dec 2022 12:41:32 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14357.7 - WEULR1 ProdSlices
x-ms-request-id
fcf8c651-46fc-499b-8405-5fbd3eda1a01
ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
aadcdn.msauth.net/shared/1.0/content/js/
391 KB
111 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0cHKkYwAAAAA4oTSFDQVaS7G74wnZgVCBTU5aMjIxMDYwNjExMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
zcwWfFMjU4sF0R3R+wJipw==
x-cache
TCP_HIT
content-length
112662
x-ms-lease-status
unlocked
last-modified
Thu, 17 Nov 2022 22:31:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC8EB82F7AC92
x-azure-ref
0/YqtYwAAAAAsfypPGtUCTZ8XVZflVwbRTU5aMjIxMDYwNjEzMDI5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4c51c347-d01e-0042-80fe-12b266000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.81 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
20 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0vEqkYwAAAAAGURA9tBeRRYuKfyFLJPd/TU5aMjIxMDYwNjExMDIzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
9K2/nGCj75WAmmAI9nZNCA==
x-cache
TCP_HIT
content-length
19970
x-ms-lease-status
unlocked
last-modified
Thu, 04 Aug 2022 19:37:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA7650B37ACC3D
x-azure-ref
0/YqtYwAAAABqSVYJ40caSonBwQwtlL+rTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
748f7b0b-001e-002f-6dd6-152f5f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
0
14 KB
Other
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0vweqYwAAAAAOo0LJxxkqT5PTMPXnyFw7TU5aMjIxMDYwNjExMDA5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
PQK3wvbTcsjzK31G0UZRtg==
x-cache
TCP_HIT
content-length
13854
x-ms-lease-status
unlocked
last-modified
Wed, 16 Nov 2022 00:33:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC76A3E0B4BE5
x-azure-ref
0/YqtYwAAAABb5EMbwY/LR6LBo2zfoI1xTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e83e54fd-c01e-001f-6cb6-170e4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_85acbcb9234972130506.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
28fa8f3ba41d8801e3d95e7128f5b2189a4344ebee1a56d4be7a313959f608e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0KmSlYwAAAAAY69zg2RfNTZ13Vf9dK8SyTU5aMjIxMDYwNjExMDM1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
4CzbHQsOMg8rU5bCeKMGlw==
x-cache
TCP_HIT
content-length
5530
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B3600473
x-azure-ref
0/YqtYwAAAADHT3CIbPyASLgS8V5LyN7hTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fe98a858-f01e-0040-2811-14e462000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
x-azure-ref-originshield
0niChYwAAAABj30jJ6xRxRYi3XM5MMzuwTU5aMjIxMDYwNjExMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0/YqtYwAAAAA1xOPzXNAESaAMtpoE5UMfTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
061cf6f1-b01e-002c-50e8-115259000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
x-azure-ref-originshield
0FVOoYwAAAABYH/NzlKcPQ4rCA+N6YXimTU5aMjIxMDYwNjEyMDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0/YqtYwAAAAAfGlhP3OF9TINsoJCuQDuMTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
4d109ac6-d01e-006e-644f-15d74c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
107 KB
32 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0FhSjYwAAAAA3Eix1Hr5gSqh7DiQLuPWFTU5aMjIxMDYwNjEyMDUxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
W8lUw496uzczhL0u7372yg==
x-cache
TCP_HIT
content-length
32191
x-ms-lease-status
unlocked
last-modified
Tue, 15 Nov 2022 20:12:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC745B324D8CE
x-azure-ref
0/YqtYwAAAABvL1w1HR12TKcwy7D5IoKyTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e27cdd82-d01e-0016-2524-157d5d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
illustration
aadcdn.msauthimages.net/c1c6b6c8-uahqsxnpnsnkc-bokpzg9bbtpe5kq5jjx5ipfsalena/logintenantbranding/0/
37 KB
38 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-uahqsxnpnsnkc-bokpzg9bbtpe5kq5jjx5ipfsalena/logintenantbranding/0/illustration?ts=637093412736328451
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.73 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8b82537e08d5d017af7686f601c71aff2623d5f34cfe003b454158eb113a0b0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:34 GMT
last-modified
Thu, 14 Nov 2019 15:14:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
F3x1zKYkEZeFeUe1scJkig==
etag
0x8D769155B1F4208
content-type
image/*
x-ms-request-id
e3021dac-401e-006e-0582-1b851b000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
38141
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-uahqsxnpnsnkc-bokpzg9bbtpe5kq5jjx5ipfsalena/logintenantbranding/0/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/c1c6b6c8-uahqsxnpnsnkc-bokpzg9bbtpe5kq5jjx5ipfsalena/logintenantbranding/0/bannerlogo?ts=637093402337417171
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.73 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ba3d0d3b74a802c4516d873000f2f342c817745b9ac9ee6ceb31248824a7db7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:33 GMT
last-modified
Thu, 14 Nov 2019 14:57:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
tNYNa/s7+Bd318dJpgSHDA==
etag
0x8D76912EF53548E
content-type
image/*
x-ms-request-id
e060c8a6-a01e-0046-1982-1bf2a4000000
cache-control
public, max-age=86400
x-ms-version
2009-09-19
content-length
3912
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
x-azure-ref-originshield
0niChYwAAAABj30jJ6xRxRYi3XM5MMzuwTU5aMjIxMDYwNjExMDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
Fm3lNHEmUlOrOkVt7+baIw==
x-cache
TCP_HIT
content-length
2672
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B83739984DD
x-azure-ref
0/YqtYwAAAABYS/iRfDzHSp/gWe77VPudTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
061cf6f1-b01e-002c-50e8-115259000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:32 GMT
x-azure-ref-originshield
0FVOoYwAAAABYH/NzlKcPQ4rCA+N6YXimTU5aMjIxMDYwNjEyMDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
tUCo5RgDcZLjLE/li/Lbqw==
x-cache
TCP_HIT
content-length
3620
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D79B8373B17F89
x-azure-ref
0/YqtYwAAAAD4b8DjeLnFQax4tBlB+JqvTU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
4d109ac6-d01e-006e-644f-15d74c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
ssoprobe
autologon.microsoftazuread-sso.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/winauth/ssoprobe?client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&_=1672317693593
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1036:3000:18::1 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 29 Dec 2022 12:41:33 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
771088af-cbf6-4a44-87b0-bf7791bf3f00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.14357.7 - NEULR2 ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
264 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.152.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52fd0a28c370f6059ea20dcd29c86a059fc818bcc40d2e996b2608e2fc9df0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
fcf8c651-46fc-499b-8405-5fbd3eda1a01
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
client-request-id
1bb381d2-644a-4606-b0a9-2805b98d5c05
canary
AQABAAAAAAD--DLA3VO7QrddgJg7WevrADHK3P4xM9AVgQH5bt2NSp76OqfssY-rDIWF85yiZkBgI7WRNQMDbtJB7WWzH_JK5JWt8rrHRY07ZEl2OOy0dhuD4KOo_ZBXQ0ugr0dJKSZIEcoqWSKnHaRsmj9tnjcIFe3t7NKchtzqfvD32MeL7u8liJTcxIdnsgqu879s_9y8Si58L5jcTHg_cWHuo8T2Hlp6RBxR-bJTN1TpkG_BYiAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/oauth2/authorize?response_type=id_token&client_id=e1f43cdf-92fc-415f-9389-5fe150d98a86&redirect_uri=https%3A%2F%2Ftillit2.nordictrustee.com&state=282691f3-979a-4e02-964f-f8b2845f8950&client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&x-client-SKU=Js&x-client-Ver=1.0.18&nonce=092c2b00-69c5-462d-bb79-4c4a6ea0a158&sso_reload=true
hpgact
1800

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 29 Dec 2022 12:41:33 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
1bb381d2-644a-4606-b0a9-2805b98d5c05
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
264
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
fcf8c651-46fc-499b-8405-5fbd57da1a01
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.14357.7 - WEULR1 ProdSlices
Expires
-1
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Dec 2022 12:41:33 GMT
content-encoding
gzip
x-azure-ref-originshield
0JsmjYwAAAAD/vvKlu4emQJ9g8+Fp9PxLTU5aMjIxMDYwNjEyMDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
R2FAVxfpONfnQAuxVxXbHg==
x-cache
TCP_HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8852A7FA6B761
x-azure-ref
0/oqtYwAAAAD+U6OOWojMQ6SLTV/6ray0TU5aMjIxMDYwNjEzMDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
336b041f-a01e-0035-4afa-139168000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pfetchsessionsprogress_85acbcb9234972130506
boolean| __convergedlogin_pcustomizationloader_442ad4dbc9101c033d33

14 Cookies

Domain/Path Name / Value
tillit2.nordictrustee.com/ Name: ai_user
Value: HAg0gbI+/O/uLmLz1zR47g|2022-12-29T12:41:31.780Z
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AQsAoXpdWljKuU2Ycq0N4QdpK9889OH8kl9Bk4lf4VDZioaEAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevrx_hdGgA0C7cOvDIo2SQPHhudXlNDCjjD5c3vb7RZsBdjve9XpEtg1rVrz9LLe-K5qA6Qm_zzM9j5LIO83cfH9mF4e1ol9cnFPgNDNIZqdn4gAA
login.microsoftonline.com/ Name: fpc
Value: AnkyvRgd56ZImf1r8J-47bL3fbsMAQAAAPyBP9sOAAAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABAAEAAAD--DLA3VO7QrddgJg7WevrJhSCi_t3porEuiL_tb7l36LKSVKJ2z5xn4Ip5DwwB2jlwWObKOS3WI3CjVmUo0ABdeN_4xrawDCsNziLUWLhklLHx7uQEIPr9FJdCLZHSPhmfYyE8gs4yy54XhZD2BphCJvGxQNrUq8FyY-os1euc3a1tQKVDp_gPH1bO3EdjxEgAA
.login.live.com/ Name: uaid
Value: e5894ed3a879480f9bcd0070f67a9e06
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1672317693&co=1
.login.microsoftonline.com/ Name: brcap
Value: 0
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AkZnHtELXdVBv2mdfw7-2z0
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd

1 Console Messages

Source Level URL
Text
network error URL: https://autologon.microsoftazuread-sso.com/5a5d7aa1-ca58-4db9-9872-ad0de107692b/winauth/ssoprobe?client-request-id=1bb381d2-644a-4606-b0a9-2805b98d5c05&_=1672317693593
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
